jam.paseto

paseto

PASETO auth* tokens.

Modules:

Name	Description
utils
v1
v2
v3
v4

Classes:

Name	Description
BasePASETO	Base PASETO instance.
PASETOv1	Paseto v1 factory.
PASETOv2	PASETO v2 factory.
PASETOv3	PASETO v3 factory.
PASETOv4	PASETO v4 factory.

Functions:

Name	Description
create_instance	Create PASETO instance.

BasePASETO

BasePASETO()

Bases: ABC

Base PASETO instance.

Methods:

Name	Description
decode	Decode PASETO.
encode	Generate token from key instance.
key	Create a PASETO instance with the given key.
load_rsa_key	Load rsa key from string | bytes.

Attributes:

Name	Type	Description
purpose	Literal['local', 'public'] | None	Return PASETO purpose.

purpose property

purpose: Literal['local', 'public'] | None

Return PASETO purpose.

decode abstractmethod

decode(
    token: str,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> tuple[dict[str, Any], dict[str, Any] | None]

Decode PASETO.

Parameters:

Name	Type	Description	Default
token	str	Token	required
serializer	BaseEncoder	JSON Encoder	JsonEncoder

Returns:

Type	Description
tuple[dict[str, Any], dict[str, Any] | None]	tuple[dict[str, Any], Optional[dict[str, Any]]]: Payload, footer

encode abstractmethod

encode(
    payload: dict[str, Any],
    footer: dict[str, Any] | str | None = None,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> str

Generate token from key instance.

Parameters:

Name	Type	Description	Default
payload	dict[str, Any]	Payload for token	required
footer	dict[str, Any] | str | None	Token footer	None
serializer	BaseEncoder	JSON Encoder	JsonEncoder

key abstractmethod classmethod

key(
    purpose: Literal["local", "public"],
    secret_key: str | bytes,
) -> PASETO

Create a PASETO instance with the given key.

Parameters:

Name	Type	Description	Default
purpose	Literal['local', 'public']	'local' (symmetric encryption) or 'public' (asymmetric signing)	required
secret_key	str | bytes	raw bytes or PEM text depending on purpose	required

Returns:

Name	Type	Description
PASETO	PASETO	configured PASETO instance for encoding/decoding tokens.

load_rsa_key staticmethod

load_rsa_key(
    key: RSAKeyLike | None, *, private: bool = True
) -> Any

Load rsa key from string | bytes.

Parameters:

Name	Type	Description	Default
key	RSAKeyLike | None	RSA Key	required
private	bool	Private or public	True

Raises:

Type	Description
JamPASETOInvalidRSAKey	Invalid RSA key format.

PASETOv1

PASETOv1()

Bases: BasePASETO

Paseto v1 factory.

Methods:

Name	Description
decode	Decode PASETO.
encode	Encode PASETO.
key	Return PASETO instance.

decode

decode(
    token: str,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> tuple[dict[str, Any], dict[str, Any] | None]

Decode PASETO.

Parameters:

Name	Type	Description	Default
token	str	PASETO	required
serializer	BaseEncoder	Json serializer	JsonEncoder

encode

encode(
    payload: dict[str, Any],
    footer: dict[str, Any] | str | None = None,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> str

Encode PASETO.

key classmethod

key(
    purpose: Literal["local", "public"],
    secret_key: str
    | bytes
    | None
    | RSAPrivateKey
    | RSAPublicKey,
) -> PASETO

Return PASETO instance.

Parameters:

Name	Type	Description	Default
purpose	Literal['local', 'public']	Paseto purpose	required
secret_key	str | bytes	PEM or secret key	required

Raises:

Type	Description
JamPASETOInvalidRSAKey	If the key is invalid.

Returns:

Name	Type	Description
PASETO	PASETO	Paseto instance

PASETOv2

PASETOv2()

Bases: BasePASETO

PASETO v2 factory.

Methods:

Name	Description
decode	Decode.
encode	Encode.
key	Create PASETOv2 instance from provided key.

decode

decode(
    token: str,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> tuple[dict[str, Any], dict[str, Any] | None]

Decode.

encode

encode(
    payload: dict[str, Any],
    footer: dict[str, Any] | str | None = None,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> str

Encode.

key classmethod

key(
    purpose: Literal["local", "public"],
    secret_key: str
    | bytes
    | Ed25519PrivateKey
    | Ed25519PublicKey,
) -> PASETO

Create PASETOv2 instance from provided key.

PASETOv3

PASETOv3()

Bases: BasePASETO

PASETO v3 factory.

Methods:

Name	Description
decode	Decode PASETO.
encode	Encode PASETO.
key	Create PASETOv3 instance.

decode

decode(
    token: str,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> tuple[
    dict[str, Any], dict[str, Any] | str | bytes | None
]

Decode PASETO.

Parameters:

Name	Type	Description	Default
token	str	PASETO	required
serializer	type[BaseEncoder] | BaseEncoder]	JSON serializer	JsonEncoder

Returns:

Type	Description
tuple[dict[str, Any], dict[str, Any] | str | bytes | None]	Payload and dict

encode

encode(
    payload: dict[str, Any],
    footer: dict[str, Any] | str | bytes | None = None,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> str

Encode PASETO.

Parameters:

Name	Type	Description	Default
payload	dict[str, Any]	Token payload	required
footer	dict[str, Any] | None	Footer if needed	None
serializer	type[BaseEncoder] | BaseEncoder	JSON Serializer	JsonEncoder

Returns:

Name	Type	Description
str	str	Token

key classmethod

key(
    purpose: Literal["local", "public"],
    secret_key: str | bytes,
    public_key: str | bytes | None = None,
) -> PASETO

Create PASETOv3 instance.

Parameters:

Name	Type	Description	Default
purpose	str	"local" or "public"	required
secret_key	str | bytes	Private PEM	required
public_key	str | bytes | None	Public PEM	None

PASETOv4

PASETOv4()

Bases: BasePASETO

PASETO v4 factory.

Methods:

Name	Description
decode	Decode PASETO.
encode	Encode PASETO.
key	Create PASETO Factory.

decode

decode(
    token: str,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> tuple[
    dict[str, Any], dict[str, Any] | str | bytes | None
]

Decode PASETO.

Parameters:

Name	Type	Description	Default
token	str	PASETO	required
serializer	type[BaseEncoder] | BaseEncoder]	JSON Serializer	JsonEncoder

Raises:

Type	Description
JamPASETOInvalidTokenFormat	If the token format is invalid.
JamPASETOInvalidED25519Key	If the key is not a valid ED25519 key.
JamPASETOKeyVerificationError	If the token signature is invalid.
JamPASETOInvalidPurpose	If the purpose is not "local" or "public".

encode

encode(
    payload: dict[str, Any],
    footer: dict[str, Any] | str | bytes | None = None,
    serializer: type[BaseEncoder]
    | BaseEncoder = JsonEncoder,
) -> str

Encode PASETO.

Parameters:

Name	Type	Description	Default
payload	dict[str, Any]	PASETO Payload	required
footer	dict[str, Any] | str | None	Footer if needed	None
serializer	type[BaseEncoder] | BaseEncoder	JSON Serializer	JsonEncoder

Returns:

Name	Type	Description
str	str	PASETO

Raises:

Type	Description
JamPASETOInvalidED25519Key	If the key is not a valid ED25519 key.
JamPASETOInvalidPurpose	If the purpose is not "local" or "public".

key classmethod

key(
    purpose: Literal["local", "public"],
    secret_key: str | bytes | Ed25519PrivateKey,
) -> PASETO

Create PASETO Factory.

Parameters:

Name	Type	Description	Default
purpose	Literal['local', 'public']	PASETO type	required
secret_key	str | bytes | Ed25519PrivateKey	Secret or ED Private key	required

Raises:

Type	Description
JamPASETOInvalidED25519Key	If the key is not a valid ED25519 key.
JamPASETOInvalidPurpose	If the purpose is not "local" or "public".

create_instance

create_instance(
    version: Literal["v1", "v2", "v3", "v4"],
    purpose: Literal["local", "public"],
    secret_key: str | bytes | Any,
    logger: BaseLogger = logger,
    **kwargs: Any,
) -> PASETO

Create PASETO instance.

Parameters:

Name	Type	Description	Default
version	str	"v1" | "v2" | "v3" | "v4"	required
purpose	str	"local" | "public"	required
secret_key	str | bytes | Any	Secret or asymmetric key (can be file path)	required
logger	BaseLogger	Logger instance	logger
**kwargs	Any	Additional params (e.g., custom_module)	{}

Returns:

Type	Description
PASETO	PASETO instance